10 Smart & Easy Steps for Safety & Security on the Web

The ‘Web’ is Great. The Internet is everywhere in our lives these days. With so much data digitized and connected to millions of other Internet connected devices, safety and security should be on the top of our minds these days. Here are 10 things you CAN do to help keep yourself safe in our connected world:

1 – Use strong passwords and use some type of password manager. Your passwords should be MEMORABLE and COMPLEX. That’s right, you can have complex passwords which are still easy to remember. I’m not talking about something like: Tq&5p8g%. How about your Dog’s name spelled backwards followed by the year your kid was born (with exclamation points around it because, well, it’s your kid!) – odiF!1992! – See, very easy to remember AND technically a ‘better’ password than the previous one (better because it’s one character longer). Make sure to use uppercase and lowercase letters and number(s) and symbols in your ‘complex’ passwords. The longer, the better. I like to refer to it as ‘pass-phrase’ instead of a ‘password’. It would take a desktop PC 58 years to crack my example ‘simple’ password, but only 3 days to crack the hard to remember one (according to howsecureismypassword.net).

Next, you should avoid using the same password on multiple websites. Why? Because if one website is compromised, then the hacker does not have your password for all of the other websites you visit. Yes, remembering 100 different passwords for 100 different websites is almost impossible. I recommend 1 of 2 strategies here. 1 – Use a password manager. LastPass is a good one (they have a free version). Use a program or service like this that will help you keep and organize your passwords. Most of these services encrypt your data on your end, so your password list is not actually stored on their servers. Only you can access the password list with your one ‘master’ password. If you object to using a service like this, you could even create an Excel Speadsheet (password protect this file, please) with a list of your passwords. 2 – If you just can’t use a service or any program to document your passwords, I recommend using password ‘buckets’. You would have multiple passwords – one for each ‘type’ of website. Your Pandora and Netflix accounts would get one password. Your bank account(s) would get another. Credit cards a different one, etc. This would yield you maybe a few or several passwords to remember, but cover dozens of websites. ALWAYS have a unique password for your email account! With a ‘bucket’ system, if one website gets hacked, you’ll just have to change passwords on a few other websites vs. giving the bad guys keys to the castle if your one password gets cracked. And yes, it will get cracked!

2 – Two-factor Authentication (2FA). It sounds scary, but is the best way to prevent the bad guys from getting access to your accounts even if your password is stolen! I definitely recommend turning on 2FA with your email account. Most of the big websites support 2FA – Google, Yahoo, Twitter, Facebook, Apple, Microsoft, etc. You go into your security settings on your account online and turn it on. When it doesn’t recognize the computer that your logging in on (like when you get a new laptop), it asks you for a second piece of info (such as a code they test to your smartphone). Even if a hacker gets your password, they won’t have access to your phone, so they cannot get into your account. Simple as that. Really not difficult to setup or use. Here is an article for setting up 2-step verification for your Google account.

3 – Use a Browser Ad-Blocker. Ad Block Plus and uBlock are 2 great ones (and free!). Just download these browser extensions/add-ons and they will remove most of the Advertisements from almost all websites! Not only are most ads annoying, but they can also lead you to download bad things and can contain malicious code! They can reduce tracking cookies on your computer and are available for most popular browsers (Chrome, FireFox, Safari, Internet Explorer…)

4 – UPDATES! You should make sure that any program that ‘touches’ the Internet is updated! Windows, Internet Explorer, Google Chrome, FireFox, Adobe Flash, Adobe Acrobat, Java, etc. Most of these will either automatically update themselves (my preference) or will pop up and ask you to update them on a regular basis (you should). Updating is very important as they regularly discover security problems and patch them. When they release the patches, the hackers examine the patches, see what ‘security holes’ they are patching and go to work right away in exploiting these. Update ASAP!

5 – BACKUP! Do you have any important data on your computer? Digital pictures? Documents? What if your data gets erased (or worse – encrypted) by the bad guys and your data is lost forever! That’s not to mention the significant chance of hardware failure that can cause your data to be lost too. Backup now before it’s too late. Get an external hard drive (not expensive) and/or use a ‘cloud’ backup service that copies your data to their servers for safe keeping in case of disaster.

6 – Do away with Java and many Plugins. Java is used by LOTS of criminals to gain access to your computer. They may put code on a website and just by going to that website (maybe you mistype a website address), you can get your computer infected if Java is active on your computer. Adobe plugins are used the same way (Flash). These plugins are not used much these days on most websites, so you can either remove or disable this technology from your browser(s) and your computer will be much safer. Here is an article with step-by-step instructions on disabling Java in your browser(s). 99% of those toolbars are not good for you either, so head over to the Control Panel – Programs and remove them!

7 – Use a VPN for public or unknown Wi-Fi use. It’s great that your favorite coffee spot or restaurant has free Wi-Fi you can use, but now your connected to a network with a bunch of strangers. Are they good guys, bad guys? Who knows? An easy way to secure your ‘open’ connection is to use a Virtual Private Network (VPN) software. Hotspot Shield is a great one (and they offer a free version). It’s easy to use too! Just install the software, then when you visit your local coffee shop and connect, launch HotSpot Shield and it will encrypt your communication while your there. Simple as that. I won’t connect to any Wi-Fi without it!

8 – Anonymous Browsing. Did you know that Google keeps records of EVERY SINGLE SEARCH QUERY IT HAS EVER RECEIVED? If that gives you cause for concern, then you should be using Tor. Tor is free and bounces your web traffic around the Internet so that your browsing habits cannot be easily learned.

9 – Use an Alternate Browser and HTTPS. You should be using a good Internet browser like Google Chrome or Mozilla FireFox. This is especially important if you do not have the latest version of Microsoft’s Internet Explorer. Also, you can use the HTTPS Everywhere plugin to secure your Internet connections to many major websites, making your browsing more secure.

10 – Use Encryption. If you have important data on your computer (especially laptops that can be easily lost or stolen), you should be using Full Disk Encryption. With encryption, without your password, your data is scrambled and not usable. TrueCrypt is one you can use, along with Microsoft’s BitLocker or Apple FileVault.